apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ks-apiserver
    tier: backend
    version: {{ ks_version }}
  name: ks-apiserver
  namespace: kubesphere-system
spec:
  strategy:
    rollingUpdate:
      maxSurge: 0
    type: RollingUpdate
{% if master_num is defined and master_num != "0" %}
  replicas: {{ master_num }}
{% else %}
  replicas: 1
{% endif %}
  selector:
    matchLabels:
      app: ks-apiserver
      tier: backend
      version: {{ ks_version }}
  template:
    metadata:
      labels:
        app: ks-apiserver
        tier: backend
        version: {{ ks_version }}
    spec:
      containers:
      - command:
        - ks-apiserver
        - --logtostderr=true
        image: {{ ks_apiserver_repo }}:{{ ks_apiserver_tag }}
        imagePullPolicy: {{ ks_image_pull_policy }}
        name: ks-apiserver
        ports:
        - containerPort: 9090
          protocol: TCP
        resources:
          limits:
            cpu: {{ ks_apiserver_cpu_limit }}
            memory: {{ ks_apiserver_memory_limit }}
          requests:
            cpu: {{ ks_apiserver_cpu_requests }}
            memory: {{ ks_apiserver_memory_requests }}
        volumeMounts:
        - mountPath: /var/run/docker.sock
          name: docker-sock
        - mountPath: /etc/kubesphere/ingress-controller
          name: ks-router-config
        - mountPath: /etc/kubesphere/
          name: kubesphere-config
        - mountPath: /etc/localtime
          name: host-time
        livenessProbe:
          failureThreshold: 8
          httpGet:
            path: /kapis/version
            port: 9090
            scheme: HTTP
          initialDelaySeconds: 15
          timeoutSeconds: 15
      serviceAccount: kubesphere
      serviceAccountName: kubesphere
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
        - key: CriticalAddonsOnly
          operator: Exists
        - effect: NoExecute
          key: node.kubernetes.io/not-ready
          operator: Exists
          tolerationSeconds: 60
        - effect: NoExecute
          key: node.kubernetes.io/unreachable
          operator: Exists
          tolerationSeconds: 60
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: In
                values:
                - ""
{% if master_num is defined and master_num != "1" %}
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - topologyKey: kubernetes.io/hostname
            labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - ks-apiserver
            namespaces:
            - kubesphere-system
{% endif %}
      volumes:
      - hostPath:
          path: /var/run/docker.sock
          type: ""
        name: docker-sock
      - configMap:
          defaultMode: 420
          name: ks-router-config
        name: ks-router-config
      - configMap:
          defaultMode: 420
          name: kubesphere-config
        name: kubesphere-config
      - hostPath:
          path: /etc/localtime
          type: ""
        name: host-time

---

apiVersion: v1
kind: Service
metadata:
  annotations:
    kubernetes.io/created-by: kubesphere.io/ks-apiserver
  labels:
    app: ks-apiserver
    tier: backend
    version: {{ ks_version }}
  name: ks-apiserver
  namespace: kubesphere-system
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 9090
  selector:
    app: ks-apiserver
    tier: backend
    version: {{ ks_version }}
  type: ClusterIP
